Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/f31be0-10e0-40ed-a6d7-41ecdc7a36f4/1/ESp2P2qg1tcbnP0x2cOMAxJ9cfY.roa
File: ESp2P2qg1tcbnP0x2cOMAxJ9cfY.roa (raw, json)
Hash identifier: NXfX71EbjUbs5qPqJFV7lpPUd0bJOBkN6qOg1PkmUtM=
Subject key identifier: 11:2A:76:3F:6A:A0:D6:D7:1B:9C:FD:31:D9:C3:8C:03:12:7D:71:F6
Certificate issuer: /CN=da52c38f0c7febae135d5dddd948cf26becef3bc
Certificate serial: 01942747A4140B10C67C2FA175A97885D736
Authority key identifier: DA:52:C3:8F:0C:7F:EB:AE:13:5D:5D:DD:D9:48:CF:26:BE:CE:F3:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2lLDjwx_664TXV3d2UjPJr7O87w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/f31be0-10e0-40ed-a6d7-41ecdc7a36f4/1/ESp2P2qg1tcbnP0x2cOMAxJ9cfY.roa
Signing time: Thu 02 Jan 2025 13:49:53 +0000
ROA not before: Thu 02 Jan 2025 13:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24879
IP address blocks: 193.111.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:a4:14:0b:10:c6:7c:2f:a1:75:a9:78:85:d7:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da52c38f0c7febae135d5dddd948cf26becef3bc
Validity
Not Before: Jan 2 13:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=112a763f6aa0d6d71b9cfd31d9c38c03127d71f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:94:c2:42:48:7c:21:88:78:ad:d3:f2:79:e1:
d8:cc:1a:03:b5:cd:a3:31:e6:1b:e9:0c:a3:13:64:
2e:e4:b6:e3:ca:4e:cf:b7:4f:30:3f:e3:7e:7e:bd:
c6:33:43:19:5f:bb:8d:c9:2a:ec:34:1f:04:a6:0e:
9d:6c:e6:60:07:ae:e7:43:29:77:8b:8b:41:5f:b4:
a9:16:f3:2a:8e:82:ef:75:80:fc:fa:f6:82:37:bf:
46:e5:ea:a7:9b:01:b4:09:96:28:c4:99:03:5e:db:
10:fb:80:56:6a:a7:d1:6a:30:3f:92:15:b6:37:c1:
a8:4c:27:d0:ed:29:52:cf:2a:18:4e:40:02:8c:ec:
70:a7:26:7d:cc:49:0b:6a:bc:a7:93:26:7f:42:41:
2a:53:e3:70:47:3a:a1:28:e1:41:f3:78:a4:f9:da:
5b:73:89:0b:ef:85:35:83:9a:fd:e4:fc:77:f5:b4:
11:15:ea:96:7c:2b:3e:42:5b:78:13:74:5d:6c:cc:
d3:34:69:1d:c4:1f:f5:b0:26:fb:7a:57:1d:a5:a3:
73:29:c6:ab:a2:2b:55:26:b2:c0:da:b1:cf:03:17:
b0:09:7d:e7:37:8c:74:86:f0:0c:12:28:7b:a7:82:
62:c4:58:54:31:e7:9e:e0:08:44:a5:63:de:0b:1a:
96:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:2A:76:3F:6A:A0:D6:D7:1B:9C:FD:31:D9:C3:8C:03:12:7D:71:F6
X509v3 Authority Key Identifier:
keyid:DA:52:C3:8F:0C:7F:EB:AE:13:5D:5D:DD:D9:48:CF:26:BE:CE:F3:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lLDjwx_664TXV3d2UjPJr7O87w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f31be0-10e0-40ed-a6d7-41ecdc7a36f4/1/ESp2P2qg1tcbnP0x2cOMAxJ9cfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/f31be0-10e0-40ed-a6d7-41ecdc7a36f4/1/2lLDjwx_664TXV3d2UjPJr7O87w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.166.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:b6:50:94:16:61:e2:91:5c:fc:fe:8a:88:d9:3f:54:96:ff:
19:b0:b3:46:3f:c0:76:99:e7:82:a9:f0:53:fd:10:8b:84:c1:
7a:2d:5f:c8:04:f2:e7:cf:25:eb:1c:fb:87:90:e6:39:b8:97:
0c:75:46:68:b3:c9:51:fc:ac:41:9f:b1:12:e7:1e:0b:c1:3d:
50:c8:a7:00:72:31:92:84:aa:ec:be:c9:01:4e:c6:a3:8d:b3:
ac:f9:fa:f2:17:2d:e2:11:1c:fa:e8:b9:e3:e9:56:51:65:c1:
e7:e5:5b:35:ed:bc:d9:75:41:80:34:28:73:4d:10:a6:7b:ed:
b8:20:10:25:04:05:70:1e:c7:bb:a1:19:10:6e:49:02:1f:41:
76:25:74:cd:68:c4:01:cf:41:87:5c:04:fd:a4:0d:a1:2a:70:
33:4d:85:08:c5:e3:75:f8:63:1a:6c:b0:de:54:a9:50:64:57:
58:45:f5:87:a8:9a:00:d1:cb:d1:fa:70:56:c5:6b:32:d0:44:
5c:c0:55:00:86:9b:22:21:15:30:29:57:49:6e:cf:f9:32:94:
eb:6f:53:c2:34:3e:95:f5:92:ac:0a:8b:45:c3:c1:e4:a0:99:
88:2b:a9:ad:b9:1a:22:33:05:12:3a:2c:4b:f9:5a:58:2e:8b:
34:90:41:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR6QUCxDGfC+hdal4hdc2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTJjMzhmMGM3ZmViYWUxMzVkNWRkZGQ5NDhjZjI2YmVj
ZWYzYmMwHhcNMjUwMTAyMTM0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTJhNzYzZjZhYTBkNmQ3MWI5Y2ZkMzFkOWMzOGMwMzEyN2Q3MWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3JTCQkh8IYh4rdPyeeHYzBoDtc2j
MeYb6QyjE2Qu5Lbjyk7Pt08wP+N+fr3GM0MZX7uNySrsNB8Epg6dbOZgB67nQyl3
i4tBX7SpFvMqjoLvdYD8+vaCN79G5eqnmwG0CZYoxJkDXtsQ+4BWaqfRajA/khW2
N8GoTCfQ7SlSzyoYTkACjOxwpyZ9zEkLarynkyZ/QkEqU+NwRzqhKOFB83ik+dpb
c4kL74U1g5r95Px39bQRFeqWfCs+Qlt4E3RdbMzTNGkdxB/1sCb7elcdpaNzKcar
oitVJrLA2rHPAxewCX3nN4x0hvAMEih7p4JixFhUMeee4AhEpWPeCxqWpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBEqdj9qoNbXG5z9MdnDjAMSfXH2MB8GA1UdIwQY
MBaAFNpSw48Mf+uuE11d3dlIzya+zvO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxMRGp3eF82NjRUWFYzZDJValBKcjdPODd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mMzFiZTAtMTBlMC00MGVkLWE2ZDct
NDFlY2RjN2EzNmY0LzEvRVNwMlAycWcxdGNiblAweDJjT01BeEo5Y2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mMzFiZTAtMTBlMC00MGVkLWE2ZDctNDFlY2RjN2EzNmY0
LzEvMmxMRGp3eF82NjRUWFYzZDJValBKcjdPODd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwW+mMA0G
CSqGSIb3DQEBCwUAA4IBAQCptlCUFmHikVz8/oqI2T9Ulv8ZsLNGP8B2meeCqfBT
/RCLhMF6LV/IBPLnzyXrHPuHkOY5uJcMdUZos8lR/KxBn7ES5x4LwT1QyKcAcjGS
hKrsvskBTsajjbOs+fryFy3iERz66Lnj6VZRZcHn5Vs17bzZdUGANChzTRCme+24
IBAlBAVwHse7oRkQbkkCH0F2JXTNaMQBz0GHXAT9pA2hKnAzTYUIxeN1+GMabLDe
VKlQZFdYRfWHqJoA0cvR+nBWxWsy0ERcwFUAhpsiIRUwKVdJbs/5MpTrb1PCND6V
9ZKsCotFw8HkoJmIK6mtuRoiMwUSOixL+VpYLos0kEHl
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:46:01 2025 by rpki-client